debsecan

Debian Security Analyzer, a tool to list vulnerabilities on a particular Debian installation.

TLDR

List vulnerable installed packages on the current host

$ debsecan
copy

List vulnerable installed packages of a specific suite

$ debsecan --suite [release_code_name]
copy

List only fixed vulnerabilities

$ debsecan --suite [release_code_name] --only-fixed
copy

List only fixed vulnerabilities of unstable ("sid") and mail to root

$ debsecan --suite [sid] --only-fixed --format [report] --mailto [root] --update-history
copy

Upgrade vulnerable installed packages

$ sudo apt upgrade $(debsecan --only-fixed --format [packages])
copy

Copied to clipboard
Raspberry